New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca CISM Exam - Topic 1 Question 4 Discussion

Actual exam question for Isaca's CISM exam
Question #: 4
Topic #: 1
[All CISM Questions]

An information security manager has developed a strategy to address new information security risks resulting from recent change the business. Which of the following would be MOST important to include when presenting the strategy to senior management?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Lizbeth at May 09, 2022, 06:01 PM

Limited Time Offer

25%

Off

Get Premium CISM Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Jonelle
4 months ago
Wait, are we sure the costs are really that important?
upvoted 0 times
...
Skye
4 months ago
Security controls for risk mitigation should be the main focus!
upvoted 0 times
...
Deonna
4 months ago
Benchmarking against peers is nice, but not the top priority here.
upvoted 0 times
...
Claribel
4 months ago
I think the impact on the security risk profile is crucial too.
upvoted 0 times
...
Howard
5 months ago
Definitely need to show the costs involved.
upvoted 0 times
...
Chauncey
5 months ago
I feel like the costs associated with business process changes might be important, but I wonder if it overshadows the actual security risks involved.
upvoted 0 times
...
Alline
5 months ago
I remember practicing a question similar to this where the focus was on security controls needed for risk mitigation. That seems really relevant here too.
upvoted 0 times
...
Marya
5 months ago
I think the impact of organizational changes on the security risk profile is crucial, but I'm not entirely sure if it's the most important point to present.
upvoted 0 times
...
Mitsue
5 months ago
Benchmarking against industry peers could provide valuable context, but I think senior management would prioritize understanding the specific security controls needed for risk mitigation.
upvoted 0 times
...
Ceola
5 months ago
I remember learning about agile in one of my classes. I think the key is that agile teams are flexible and responsive, not rigidly following a pre-defined plan. So I'm going to go with option D.
upvoted 0 times
...
Francesco
5 months ago
Hmm, this looks like a pretty straightforward BGP question. I should be able to figure this out.
upvoted 0 times
...
Fairy
5 months ago
Okay, I think I've got this. Based on the details in the passage, SoundCare was looking inward at its own organization to identify a weakness. That sounds like an internal assessment to me, so I'm going to go with option B.
upvoted 0 times
...
Ranee
5 months ago
This looks like a straightforward cost classification question. I'll need to think through which costs are variable versus fixed.
upvoted 0 times
...

Save Cancel